Access Control Analysis in Heterogeneous Big Data Management Systems

Bibliographic Details
Published in: Programming and Computer Software vol. 50, no. 7 (Dec 2024), p. 549
Published:
Springer Nature B.V.
Description
Abstract: Big data management systems are in demand today in almost all industries, being also a foundation for artificial intelligence training. The use of heterogeneous polystores in big data systems has led to the fact that tools within the same system have different data granularity and access control models. The harmonization of these components by the security administrator and the implementation of a common access policy are now carried out by hand. This leads to an increasing number of vulnerabilities, which in turn become frequent causes of data leaks. The current situation in the field of automation and analysis of access control in big data systems reveals the lack of automation solutions for polystore-based systems. This paper addresses the problem of automated access control analysis in big data management systems. We formulate and discuss the main contradiction between the requirement of scalability and flexibility of access control and the increased workload on the security administrator, aggravated by the use of different data and access control models in system components. To solve this problem, we propose a new automated method for analyzing security policies based on a graph model, which reduces the number of potential vulnerabilities caused by incorrect management of big data systems. The proposed method uses the data lifecycle model of the system, its current settings, and the required security policy. The use of two-pass analysis (from data sources to data receivers and back) allows us to solve two problems: the analysis of the access control system for potential vulnerabilities and the check for business logic vulnerabilities. As an example, we consider the use of a developed prototype tool for security policy analysis in a big data management system.
ISSN:0361-7688
1608-3261
DOI:10.1134/S0361768824700269
Source: Advanced Technologies & Aerospace Database